Thursday, October 3, 2024
HomeComputer SecurityMobile Spyware Maker mSpy Leaked Millions of Sensitive Data Online in Plain...

Mobile Spyware Maker mSpy Leaked Millions of Sensitive Data Online in Plain Text

Published on

A leading mobile spyware maker mSpy leaked more than a million paying customers including kids and partners high sensitive data online.

mSpy is a brand of mobile and computer parental control monitoring software for iOS,  Android, Windows, and macOS. mSpy monitors and logs user activity on the client device.

Leaked data contains millions of users including passwords, call logs, text messages, contacts, notes, and location data.

- Advertisement - EHA

These all the data has been collected secretly from kids, loved one and company employees from the different organization.

An online open mspy database has been discovered by a security researcher Nitish Shah that contains the username, password and private encryption key of each mSpy customer.

In this case, he tried to alert the company of his findings, but the company’s support personnel ignored him.

These sensitive data belongs to each mSpy customer who logged in to the mSpy site or purchased a mSpy license over the past six months.
Accoring to krebs on security, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files.
Anyone who stumbled upon this database also would have been able to browse the Whatsapp and Facebook messages uploaded from mobile devices equipped with mSpy.

Different records uncovered incorporated the exchange points of interest of all mSpy licenses bought in the course of the most recent a half year, including customer name, email address, street number and sum paid. Likewise in the informational collection were mSpy user logs from browser and Internet address data of individuals visiting the mSpy Web website.

Andrew,  mSpy’s chief security officer said“We have been working hard to secure our system from any possible leaks, attacks, and private information disclosure,”

“All our customers’ accounts are securely encrypted and the data is being wiped out once in a short period of time.”

This is a second-time mSpy Failed to protect their customer within 3 years and the 1st breach has been reported on 2015.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

Tor Browser 13.5.6 Released – What’s New!

The Tor Project has announced the release of Tor Browser 13.5.6, which is now...

Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities

Aembit, the non-human IAM company, today announced the appointment of Mario Duarte as chief...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue...

MC2 Data leak Exposes 100 million+ US Citizens Data

Researchers have uncovered a massive data breach at MC2 Data, a prominent background check...

Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports

Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports....